<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>GX College Social Networking</title>
</head>

<body>
<table width="753" height="366" border="0">
  <tr>
    <td bgcolor="#6699FF" height="34" colspan="7"><marquee>GX College Networking</marquee></td>
  </tr>
  <tr>
    <td bgcolor="#6699FF" width="139" height="43"><a href="/ProfessorHomePage.php">Homepage</a></td>
    <td bgcolor="#6699FF" width="133"><a href="/ProfessorHomePageProfile.php">Profile</a></td>
    <td bgcolor="#6699FF" width="108"><a href="/ProfessorHomePageAlbums.php">Albums</a></td>
    <td bgcolor="#6699FF" width="170"><a href="/ProfessorHomePageFriend.php">Friends</a></td>
    <td bgcolor="#6699FF" width="115"><a href="/ProfessorHomePageMessage.php">Messages</a></td>
    <td bgcolor="#6699FF" width="62"><a href="/logout.php">Logout</a></td>
    <td bgcolor="#6699FF" width="194">
    <form action="/ViewAllCandidateSearchProfessor.php" method="post">
Enter Candidate's first name:  
<input type="text"  name="firstname" />
<input type="submit" name="submit" value="submit" />
</form>
    </td>
  </tr>
  <tr>
    <td bgcolor="#6699FF" height="281">
    <table bgcolor="#6699FF" width="200" border="0">
    <tr>
        <td><a href="/ViewAddRequestsProfessor.php">Add Friend Requests</a></td>
      </tr>
      <tr>
        <td><a href="/ViewFriendsProfessor.php">View Friends</a></td>
      </tr>
      <tr>
        <td><a href="/ViewFriendsDeleteProfessor.php">Delete Friends</a></td>
      </tr>
    </table>
    </td>
    <td colspan="5">
    <?php
session_start();
$cuid = $_SESSION['username'];
//$firstname = $_POST['firstname'];

$conn = oci_connect("gaurav", "gaurav", "xe"); 
$query =
  "(SELECT Co.Friend1,Ca.FName,Ca.MName,Ca.LName,Co.Accepted FROM Connects Co, Candidate Ca
   WHERE Co.Friend2 like '$cuid' and Co.Friend1=Ca.Cuid) union (SELECT Con.Friend2,Can.FName,Can.MName,Can.LName,Con.Accepted FROM Connects Con, Candidate Can WHERE Con.Friend1 like '$cuid' and Con.Friend2=Can.Cuid)";

  $emp = db_do_query($conn, $query, OCI_FETCHSTATEMENT_BY_ROW);


  ui_print_employees($emp, $_SERVER['SCRIPT_NAME']);

  
function ui_print_employees($employeerecords, $posturl)
{
  if (!$employeerecords) {
    echo '<p>No Candidate found</p>';
  }
  else {
    echo <<<END
<form action="/ViewFriendsProfessorProfile.php" method="post">
  <table border = "1">
  <tr>
    <th>&nbsp;</th>
    <th>CUID</th>
    <th>First Name</th>
    <th>Middle Name</th>
    <th>Last Name</th>
	<th>Accepted</th>
  </tr>
END;
    foreach ($employeerecords as $emp) {
      echo '<tr>';
      echo '<td><input type="radio" name="cuidrec" value="'.htmlentities($emp['FRIEND1']).'"></td>';
      echo '<td align="right">'.htmlentities($emp['FRIEND1']).'</td>';
      echo '<td>'.htmlentities($emp['FNAME']).'</td>';
      echo '<td>'.htmlentities($emp['MNAME']).'</td>';
      echo '<td>'.htmlentities($emp['LNAME']).'</td>';
      echo '<td>'.htmlentities($emp['ACCEPTED']).'</td>';
      echo '</tr>';
    }
    echo <<<END
  </table>
  <input type="submit" value="Show Friend" name="modifyemp">
  </form>
END;
  }
}

// Execute query and display results 
function db_do_query($conn, $statement, $bindvars = array())
{
  $stid = oci_parse($conn, $statement);
  if (!$stid) {
    db_error($conn, __FILE__, __LINE__);
  }

  // Bind the PHP values to query bind parameters
  foreach ($bindvars as $b) {
    // create local variable with caller specified bind value
    $$b[0] = $b[1];  
    // oci_bind_by_name(resource, bv_name, php_variable, length)
    $r = oci_bind_by_name($stid, ":$b[0]", $$b[0], $b[2]); 
    if (!$r) {
      db_error($stid, __FILE__, __LINE__);
    }
  }
  $r = oci_execute($stid, OCI_DEFAULT);
  if (!$r) 
  {db_error($stid, __FILE__, __LINE__);}
  $r = oci_fetch_all($stid, $results, null, null,
                         OCI_FETCHSTATEMENT_BY_ROW);
  return($results);
}

function db_error($r = false, $file, $line)
{
  $err =  $r ? oci_error($r) : oci_error();

  if (isset($err['message'])) {
    $m = htmlentities($err['message']);
  }
  else {  
    $m = 'Unknown DB error';
  }

  echo '<p><b>Error</b>: at line '.$line.' of '.$file.'</p>';
  echo '<pre>'.$m.'</pre>';

  exit;
}
?>
    </td>
  </tr>
</table>
</body>
</html>